General
-
Target
1b0726100586701f9058e38a25a4e7ddd4058c3da82cfdaa11d4246c66fc15b6
-
Size
29KB
-
Sample
250529-lzrreabn4v
-
MD5
f85dbce1d2e6abf206cf7c404f4eb1ef
-
SHA1
c208b82a64dd81cffc6c1eea45b0614ce261c1d4
-
SHA256
1b0726100586701f9058e38a25a4e7ddd4058c3da82cfdaa11d4246c66fc15b6
-
SHA512
d3386a7a1929ddc7435f9dbaec0a297ac488fb805051e0c8aa416dc3dffdf1d25b011d2d072e760e2590230ad941621870bd146993361f8773539452afdbca73
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOoJhiJhuMy9rIMy9r6:uGIIoJhiJhuMyVIMyV6
Static task
static1
Behavioral task
behavioral1
Sample
1b0726100586701f9058e38a25a4e7ddd4058c3da82cfdaa11d4246c66fc15b6.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
1b0726100586701f9058e38a25a4e7ddd4058c3da82cfdaa11d4246c66fc15b6
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5283) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-